Du brauchst Hilfe? Frage die Community oder wende dich an einen Experten.
Zu Avira Answers
Virus:EXP/Pidief.zar
Date discovered:19/12/2012
Type:Exploit
In the wild:No
Reported Infections:Medium
Distribution Potential:Low
Damage Potential:Low to medium
Static file:Yes
File size:13.672 Bytes
MD5 checksum:46fbd9ecec529151e6ec7ffac2f9f94e
VDF version:7.11.54.86 - Wednesday, December 19, 2012
IVDF version:7.11.54.86 - Wednesday, December 19, 2012

 General Method of propagation:
   • By visiting infected websites

Similar detection:
     JS/Redirector.SB
     TR/Obisty.A


Platforms / OS:
   • Windows 2000
   • Windows XP
   • Windows 2003
    Windows Vista
    Windows Server 2008
    Windows 7


Side effects:
   • Downloads a malicious file
    Drive-by download
   • Makes use of software vulnerability

 Files It tries to download a file:

The location is the following:
   • http://apensiona.ru:8080/**********/links/column.php?%given parameter%
It is saved on the local hard drive under: %HOME%\Local SettingsTemp\wpbt0.dll Furthermore this file gets executed after it was fully downloaded. Further investigation pointed out that this file is malware, too. Detected as: TR/Obisty.A

 File details Programming language:
 • JavaScript


Encryption:
Encrypted - The virus code inside the file is encrypted.

Die Beschreibung wurde erstellt von Andrei Gherman am Mittwoch, 19. Dezember 2012
Die Beschreibung wurde geändert von Andrei Gherman am Mittwoch, 19. Dezember 2012

zurück . . . .